CVE-2005-0331 — Path Traversal in Winrar

3 documents3 sources

Severity

2.6LOWNVD

EPSS

0.4%

top 40.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Rarlab Winrar

Timeline

PublishedMay 2

Latest updateMay 1

Description

Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... (triple dot) in the filename of the ZIP file.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

▶NVDrarlab/winrar9 versions+8

🔴Vulnerability Details

GHSA

GHSA-hm46-4hjh-p78w: Directory traversal vulnerability in WinRAR 3↗2022-05-01

▶

CVEList

CVE-2005-0331: Directory traversal vulnerability in WinRAR 3↗2005-02-10

▶